The results from the 2014 U.S. State of Cybercrime Survey conducted by PwC, CSO Magazine, CERT and the U.S. Secret Service came out at the end of May. The report reveals a number of disturbing trends. Despite the number of cybercrime incidences and the rising cost to organizations, the ability to combat these cybercriminals is not keeping up.
To demonstrate the frightening state of cybercrime, here are few of the more disturbing statistics pulled from the survey results.
- The number of security incidences detected reached as high as 135 per organization.
- 2/3 of organizations were unable to say what each incident cost them.
- The 1/3 of organizations who could put a price tag on it reported a total average loss of $415,000.
- Only 38% of organizations prioritize investments in security based on risk and impact to business.
- Only 44% of companies have a process for evaluating third-party vendors before doing business with them and only 31% include security provisions in their contracts.
- Despite mobile devices increasing risk, security lags with only 36% of organizations using mobile device management.
- Most organizations fail to address the insider threat; 75% of organizations do not take legal action against insiders, and only 49% have a formal plan for dealing with internal threats.
- More than half of organizations are not providing security training for new employees.
Considering the increasing risk of cyber attack and the costs that come with breaches, it’s time for businesses to up their cybersecurity awareness and programs. Some of the above alarming stats should be easy targets for improving. You may not have a system in place to track the cost of a breach, but most companies could decrease their chances for an attack by increasing cybersecurity training for employees.
Cybercriminals are motivated and they’ve seen success. They’ll continue to find ways into systems and grab valuable information. Let’s not make it any easier for them than it already is.
Start improving security now. Join our free WebTracks Series webinar tomorrow as Chris Veltsos shares insight on how to improve your security awareness programs. In this webinar, Veltsos will discuss how to change human behavior to enhance your programs.